Severity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
Primary rating from Vendor (microsoft) · only source for this CVE.
CVSS VectorVendor: microsoft
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
Lifecycle Timeline
1DescriptionCVE.org
Microsoft Bing Search Spoofing Vulnerability
AnalysisAI
Microsoft Bing Search Spoofing Vulnerability. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Technical ContextAI
Affected products include: Microsoft Bing.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
The Microsoft Bing application before 4.2.1 for Android allows remote attackers to install arbitrary APK files via vecto
Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to execute code over a ne
A spoofing vulnerability exists when Microsoft Bing Search for Android improperly handles specific HTML content, aka 'Mi
UI misrepresentation of critical information in Microsoft Bing Search for Android (versions below 33.3) enables unauthen
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today